search

SAP / jenkins-library

Jenkins shared library for Continuous Delivery pipelines.
https://www.project-piper.io
Apache License 2.0
779 stars 590 forks source link

mtaExtensionCredentials in cloudFoundryDeploy not working, credentials never replaced #2657

Closed i535489 closed 2 years ago

i535489 commented 3 years ago

Hi,

Based on https://www.project-piper.io/steps/cloudFoundryDeploy/#parameters and explanation : mtaExtensionCredentials - Defines a map of credentials that need to be replaced in the mtaExtensionDescriptor. This map needs to be created as value-to-be-replaced:id-of-a-credential-in-jenkins credentials are not replaced even if in the log we have the lines:

20:56:50  [cloudFoundryDeploy] Modifying mta-mail-service-credentials.mtaext. Adding credential values from Jenkins.
20:56:50  [Pipeline] sh
20:56:51  + cp mta-mail-service-credentials.mtaext mta-mail-service-credentials.mtaext.original

My setup: Jenkinsfile

@Library('piper-lib-os') _

node(){
  stage('Prepare')   {
    deleteDir()
    checkout scm
    setupCommonPipelineEnvironment script:this
  }

  stage('Build')   {
    mtaBuild script:this
  }

  stage('Deploy')   {
    cloudFoundryDeploy(
      script: this,
      cloudFoundry: [apiEndpoint: '${apiEndpoint}', org: '${org}', space: '${space}'],
      deployTool:'mtaDeployPlugin',
      deployType: 'standard',      
      mtaExtensionCredentials: ['smtp-user-placeholder':'smtp-user','smtp-password-placeholder':'smtp-password']
    )
  }
}

mta.yml

# ------------------------------------------------------------
  - name: service-email
    type: org.cloudfoundry.user-provided-service  
    parameters:
      config:
        email-user: user
        email-pass: pass

mta-mail-service-credentials.mtaext

resources:
  - name: service-email
    parameters:
      config:
        email-user: 'smtp-user-placeholder'
        email-pass: 'smtp-password-placeholder'

config.yml

general:
  buildTool: 'mta'
  collectTelemetryData: false

### Step-specific configuration
steps:
  mtaBuild:
    buildTarget: 'CF' 
  cloudFoundryDeploy:
    cloudFoundry:
      credentialsId: 'CF_CREDENTIALSID'      
      mtaExtensionDescriptor: 'mta-mail-service-credentials.mtaext'

In Jenkins:


T | P | Store  ↓ | Domain | ID | Name
-- | -- | -- | -- | -- | --

  |   | Jenkins | (global) | CF_CREDENTIALSID | *****@sap.com/******
  |   | Jenkins | (global) | smtp-user | smtp-user
  |   | Jenkins | (global) | smtp-password | smtp-password

In CF the result is: 

    "user-provided": [
            {
                "label": "user-provided",
                "name": "service-email",
                "tags": [],
                "instance_name": "service-email",
                "binding_name": null,
                "credentials": {
                    "email-pass": "smtp-password-placeholder",
                    "email-user": "smtp-user-placeholder"
                },
                "syslog_drain_url": "",
                "volume_mounts": []
            }
        ]

As you can see the variables have been correctly replaced by the data from mta-mail-service-credentials.mtaext but the credentials have not been replaced.

Thanks for your help. Best regards

i535489 commented 3 years ago

Hi,

Issue solved by a colleagues, documentation need to be improved !

For others that are stuck like me, to have variable replacement you need to mark variable like: "<%= variable to be replaced %>"

Found in the source code here : https://github.com/SAP/jenkins-library/blob/master/vars/cloudFoundryDeploy.groovy#L391

mta-mail-service-credentials.mtaext


resources:
  - name: service-email
    parameters:
      config:
        email-user:  "<%= smtp-user-placeholder  %>"
        email-pass: "<%= smtp-password-placeholder  %>"

Nicolas

github-actions[bot] commented 2 years ago

Thank you for your contribution! This issue is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team to your comment.

OliverNocon commented 2 years ago

@radsoulbeard could you maybe have a look how we could improve the docs here?

github-actions[bot] commented 2 years ago

Thank you for your contribution! This issue is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team to your comment.

github-actions[bot] commented 2 years ago

Issue got stale and no further activity happened. It has automatically been closed. Please re-open in case you still consider it relevant.